2. The protection of natural persons’ personal dataNeue Post GmbH provides information about data processing and its legal bases in accordance with Art. 13 GDPR. These are basically the contractual relationship and consent.

We only process personal data that are required to perform and process the contract or data which you have voluntarily provided.

Neue Post GmbH processes your personal data in compliance with the GDPR on the basis of laws, the contract or your consent.

3. Type of processed dataWe only process your personal data that you provided us with for our contractual relationship or with regard to a pre-contractual relationship (e.g. booking enquiry), these include, for example, name, address, email address, phone number, date of birth. We also save all our communication exchange data, for example the booking history, your enquiries, contracts, hotel services used etc.

Other data are processed if you use special services (specifically hotel WiFi). This is pointed out separately.

4. Purpose of and legal basis for processingIf your make contact via our website, by making a booking, registering for the newsletter or any other use of our services, the data provided in the form is saved by us. If you have cancelled an enquiry or booking process, no data is saved.

We process your personal data to meet our pre-contractual obligations, for example answering your enquiries, to perform the contract and associated ancillary services, such as accounting, the provision of services etc. and to meet our legal obligations.

Therefore the contract or pre-contractual relationship and Austrian legislation, if any statutory retention obligations result from this, are seen as the legal basis for data processing. If processing is not required for contractual purposes, this is done on the basis of your consent.

5. Newsletter and advertising, competitionsIf you provided your consent, your data are also used for advertising and information purposes, for example to provide you with information using newsletters or offers or invite you to enter competitions. You may revoke consent at any time using this link. We will then immediately delete your email address from our newsletter system.

6. Use of hotel WiFiIf you use our WiFi network, this Internet connection’s data (traffic data), in particular the IP address, MAC address, time of access and length of time you were connected, are saved. No content data is saved. The data is saved and deleted in compliance with the TKG (Telecommunications Act) provisions.

7. Payment systemsYou can pay by credit card when booking using the hotel’s online booking and payment system. You are forwarded to a credit card payment system for this. You can enter the credit card data there. These data are only used to process the payment.

8. Data storageYour data is only stored for as long as it is required for the aforementioned purpose or for as long as necessary based on the statutory retention periods or if it is justified to protect our legitimate interests, for example to defend compensation claims.

Data is only stored beyond this based on your consent until this is withdrawn. Despite having your consent, we are not obligated to store the data permanently and can therefore delete your data at any time.

The WiFi connections’ traffic data are stored or deleted in accordance with the TKG provisions.

9. Forwarding of dataData is only forwarded to third parties, in particular to external service providers such as IT service providers, tax advisers or accounts if this is required to perform the contract or complete out pre-contractual measures. The data can also be forwarded to lawyers or authorities if this is necessary to protect our legitimate interests.

We would like to point out that we are entitled and obligated to forward traffic data from WiFi connections to courts, public prosecutors and authorities in accordance with the provisions in Section 99 Para. 5 TKG.

Processor agreements are made with service providers as defined in Section 28 GDPR.

Data is transferred or stored on our IT service provider and payment provider servers in the EU/EEA. There is no transfer to third countries.

10. Data SecurityWe take appropriate precautions and technical and organisational measures that correspond to the state of the art to protect your personal data.

Notwithstanding our efforts, we cannot rule out the possibility of the information that you provide over the Internet or over other telecommunication networks being viewed and used by other persons. We do not accept any liability for such unauthorised use of your data by third parties.

11. Your rightsAs the data subject, you are entitled to receive information about your stored personal data, their origin, recipients and the purpose of the data processing at any time. You also have the right to the rectification, data transfer, objection, restriction of processing and blocking or erasure of incorrect data or data that has been unlawfully processed. You have the right to withdraw consent previously given for the use of your personal data at any time.

Your request will be honoured as long as it does not contradict any laws, agreements or the data controller’s legitimate interests.

Please notify us in the event of changes to your personal data.

Your request for information, erasure, rectification, objection and/or, if we can reasonably be expected to provide it, the transfer of data can be sent to the data controller’s address above.

If you believe that our processing of your data infringes applicable data protection legislation or that your data protection rights have been violated in any other way, please inform us about this so that we can look into it. There is also the option of submitting a complaint about the data processing to the responsible supervisory authority. In Austria, the competent supervisory authority is the Austrian Data Protection Authority.

12. Additional data protection declaration for website + cookies, pop-ups12.1 Server log filesAccess data: The operator or the provider of the website collects data about site access and saves them as "server log files". In this way, the following data are logged:

Website visited

Time of access

Amount of sent data in bytes

Source/reference from which you entered the site

Browser used

Operating systems used

IP address used (if applicable: in anonymous form)

The data collected are used exclusively in statistic evaluations and for improvement of the website. However, the operator of the website reserves the right to subsequently check the server log files if there are concrete indications of unlawful use.

12.2. CookiesOur website uses “cookies”. These are small text files which are stored on your end device through your browser. They do not cause any damage to your device.

We use cookies to make our website user friendly. Some cookies are stored on your end device until you delete them. They allow us to recognise your browser when you next visit our website.

If you choose to decline or deactivate the cookies, the functionality of our website may be limited.

12.3. Google Analytics:This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, these are text files stored on your computer allowing them to analyse how you use our website. The information about your use of this website (including your IP address) which is created by the cookie, is transferred to a Google server in the USA and is stored there. Google uses this information to analyse your use of the website, to compile reports about the website activity for its operator and to provide further services which are connected to the use of this website and of the internet. This information may also be provided to third parties if legally required or if third parties process this data on behalf of Google. Google will never associate your IP address with any other Google data. You can prevent cookies from being installed on your device by changing the settings on your browser software accordingly; however, we would like to point out that if you do so you may not have full access to all the functions of this website. By using this website, you agree to the processing of the collected data by Google in the manner and for the purposes described above.

12.4. AdWords RemarketingThe provider users the remarketing or “similar target groups” function from Google Inc. (“Google”) on its website. Using this function the provider can target visitors to the website with advertising by activating personalised interest-related ads for visitors to the website whenever they visit other websites in the Google Display network. Google uses so-called cookies to analyse website use, which is the basis for creating interest-related ads. For this Google stores a small file with a number sequence on the website visitor’s browsers. The visits to the website and the anonymous data about the website use is collected using this number. None of the website visitor’s personal data is stored. If you visit another website in the Google Display network afterwards, ads are displayed that are highly likely to take previously accessed product and information areas into account. You can permanently disable the use of cookies by Google by using the link below to download and install the plug-in provided: https://www.google.com/settings/ads/plugin?hl=de.

12.5 Use of Facebook pixels and conversion readingWith your consent we use the “visitor tracking pixel” provided by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”) on our website. With the help of Facebook Pixel we can track the users’ actions after they have viewed or clicked on a Facebook ad. The aim is to be able to optimally measure the effectiveness of Facebook ads and take strategic action. The collected data is anonymous for us, which means we do not see the individual users’ personal data. This data is stored and processed by Facebook and connected to your Facebook account. The social media platform uses this data for its own marketing purposes, in accordance with the Facebook Privacy Policy https://www.facebook.com/about/privacy/.

12.6 Facebook pluginsSocial plugins (“plug-ins”) provided by facebook.com, a social network operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States (“Facebook”) are used on these websites. When you access the web pages provided with such plug-in, a connection will be established with the Facebook servers and the plug-in will be shown through the website on your browser. As a result, the Facebook servers are informed about which of our pages you have visited. Facebook assigns this information to your personal account. By using the plugin functions (e.g. clicking “Like”, making a comment) this information is also assigned to your Facebook account. You can prevent this information being assigned to your account by logging out of your account. You can find more detailed information about the collection and use of data by Facebook in the Facebook Privacy Policy.

12.7 Instagram pluginsFunctions of the Instagram service are embedded on our website. These functions are provided and integrated by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you have an Instagram account, you can link the content of our pages to your Instagram profile. If you do so, Instagram will be able to assign the visit of our pages to your user account. Please note that as the provider of the website, we do not have any access to the content of the transferred data or its use by Instagram.

12.8 Twitter pluginsOur website contains functions provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. If you use Twitter and specifically the “Re-tweet” function, Twitter links your Twitter account to the websites you have visited. Other users on Twitter, in particular your followers, are informed about this. As a result, data is also transferred to Twitter. As the provider of our website, we are not informed about the content of the transferred data or the data use by Twitter.